The Department of Justice (DOJ) recently made significant announcements regarding charges and sanctions against Chinese hackers involved in breaching critical U.S. government systems, particularly targeting the Treasury Department.
Charges and Sanctions
As part of these measures, the Justice Department brought charges against 12 Chinese nationals for their involvement in the Treasury breach and other cyberattacks targeting various U.S. entities critical of the Chinese government. Among those charged were Yin Kecheng and Zhou Shuai, members of the APT27 hacking group known for their cyber activities dating back to 2013.
Furthermore, eight members of Anxun Information Technology Co. Ltd. and two individuals from the Chinese Ministry of Public Security were also charged for their roles in email and website hacks spanning from 2016 to 2023. The DOJ also seized internet domains associated with Anxun Information Technology.
Government Response
The Justice Department alleged that the Chinese government utilized a system of hackers-for-hire, engaging private Chinese companies to conduct cyber intrusions and data theft in an attempt to conceal government involvement in these activities.
In response to the breaches, the Treasury Department initiated investigations with support from the Cybersecurity and Infrastructure Security Agency and other federal entities to address the security incidents promptly.
Reward Offers and Sanctions
As part of the actions taken, the State Department announced rewards of up to $10 million for information leading to the identification and location of the charged individuals. Additionally, separate rewards were offered for specific individuals involved in the cyber activities.
Moreover, the Treasury Department imposed sanctions on Zhou Shuai, Yin Kecheng, and the Shanghai Heiying Information Technology Company for their roles in the hacking incidents. Yin had previously been sanctioned by the Treasury Department in January for his involvement in breaching the agency’s systems.
Conclusion
The recent developments underscore the ongoing threats posed by cyber actors linked to the Chinese government and highlight the collaborative efforts of various U.S. agencies to address and counter such intrusions. The DOJ’s actions send a clear message about the consequences for those involved in malicious cyber activities.
